Kepard.exe

Kepard

This is a setup program which is used to install the application. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Kepard’. This is installed with Kepard. The file has been seen being downloaded from download2149.mediafire.com.
Publisher:
Kepard

Description:
Kepard

Version:
1.0.8.5

MD5:
a2e0624df07aa64c1f941b63bf5ef830

SHA-1:
c443c2bef97f769ec2973a034672e97a924c5067

SHA-256:
82abda78b14b786fcf9177c1718d1a879d163627cb6fd5cf6e153ea3ae262ca6

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
9/19/2018 10:21:08 AM UTC  (today)

File size:
729 KB (746,496 bytes)

Product version:
1.0.8.5

Copyright:
Kepard, Inc.

Original file name:
Kepard.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\kepard\kepard.exe

File PE Metadata
Compilation timestamp:
12/14/2013 10:00:49 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:aGsbGiPn2939UvbBnbS+Takk2tUl1OyiregvXZXTTT2RhnFWdwZKjj/lEEiJnwHb:vsFtnt+iretqEj8Y01ZWr/62hXZ/K

Entry address:
0x91E0E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
576 KB (589,824 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Kepard

Command:
"C:\Program Files\kepard\kepard.exe" tray


The file Kepard.exe has been discovered within the following program.

Kepard  by Kepard
www.kepard.com
About 1% of users remove it
 
Powered by Should I Remove It?

The file Kepard.exe has been seen being distributed by the following URL.

Scan Kepard.exe - Powered by Reason Core Security